The embodiments described herein relate to methods and apparatus for analyzing API traffic to identify potential malicious actions within a smart outlier detection system.
Application Programming Interfaces or APIs allow software applications to communicate with each other so that users and programs can use the applications to accomplish any number of tasks such as information gathering, social communication, e-commerce transactions, accessing entertainment, educational content, etc. APIs can include a set of subroutine definitions, communication protocols, and other tools for building and managing software applications and interactions between components of the software applications. In an instance where a user requests a service or a function of a software application, the request can be transmitted to an API in the form of an API request or an API call. Logins, saves, queries, and other instructions are examples of operations counted as API requests among other types of operations. The API calls can lead to performing one or more of the desired functions and may return any queried information.
It is important to implement security measures in transactions mediated through API traffic. Driven by the rapid increase in mobile and Internet-of-Things (IoT) devices, APIs and micro-services are increasingly used to make business logic and data more accessible to users. APIs, however, can make it easier for malicious users and programs to access business applications, control systems, and databases. Thus, a need exists for improved apparatuses and methods for effective monitoring and analysis of API traffic to identify and/or thwart potential malicious actions.